10-09-2018
Finally i found the solution
modify both files /etc/pam.d/system-auth-ac as well as /etc/pam.d/password-auth-ac
Add for the user test this line
auth requisite pam_succeed_if.so user != test
Put the line like below:
auth required pam_env.so
auth sufficient pam_unix.so nullok try_first_pass
auth requisite pam_succeed_if.so uid >= 500 quiet
auth requisite pam_succeed_if.so user != test <-- The entry should be added here.
Vincenzo
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
how can i find my own ip address from unix. command like who -x .this would provide all the ip address but i need to list only current user ip address. who am i command does not display the ip. (1 Reply)
Discussion started by: naushad
1 Replies
2. UNIX for Dummies Questions & Answers
how can i find my own ip address from unix. command like who -x .this would provide all the ip address but i need to list only current user ip address. who am i command does not display the ip. (9 Replies)
Discussion started by: naushad
9 Replies
3. UNIX for Dummies Questions & Answers
Thanks
AVKlinux (3 Replies)
Discussion started by: avklinux
3 Replies
4. OS X (Apple)
Hi,
I'm brand new here and looking for a solution:
I'm using mail or mailx. The default reply address is «myshortusername@mylongusername.local» which makes absolutely no sense for anybody receiving my emails.
But how do I change it? There seem to be many solutions but none for Mac OS X.... (0 Replies)
Discussion started by: gczychi
0 Replies
5. UNIX for Advanced & Expert Users
Besides doing some shell-script which loops through /etc/passwd, I was wondering if there was some command that would tell me, like an enhanced version of getent.
The Operating system is Solaris 10 (recent-ish revision) using Sun DS for LDAP. (5 Replies)
Discussion started by: ckmehta
5 Replies
6. Shell Programming and Scripting
Hi Gurus,
I have a script that requires me to switch from local user to root. Anyone who has an idea on this since when i switch user to root it requires me to input root password.
It seems that i need to use expect module here, but i don't know how to create the object for this.
... (1 Reply)
Discussion started by: linuxgeek
1 Replies
7. Solaris
Here is the log im pasting for verbose ssh:
-bash-2.05b$ ssh -v qa_fnp@10.41.11.23
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will... (5 Replies)
Discussion started by: kirtikjr
5 Replies
8. UNIX for Dummies Questions & Answers
How to fetch only local user without duplication from /etc/passwd using scripting?? (4 Replies)
Discussion started by: AhmedLakadkutta
4 Replies
9. Red Hat
Hi
We have these specific requirements for a bunch of servers we have and cannot seem to get pam to behave in this way. We would like:
PAM locks accounts if pam tally reaches 10.
PAM unlocks the account after 30mins from locking it, and resets the pam_tally.
The key is that we don't... (0 Replies)
Discussion started by: snoop2048
0 Replies
10. Shell Programming and Scripting
Hi,
I need to switch from local user to root user in a shell script.
I need to make it automated so that it doesn't prompt for the root password.
I heard the su command will do that work but it prompt for the password.
and also can someone tell me whether su command spawns a new shell or... (1 Reply)
Discussion started by: Little
1 Replies
LEARN ABOUT SUSE
pam_succeed_if
PAM_SUCCEED_IF(8) Linux-PAM PAM_SUCCEED_IF(8)
NAME
pam_succeed_if - test account characteristics
SYNOPSIS
pam_succeed_if.so [flag...] [condition...]
DESCRIPTION
pam_succeed_if.so is designed to succeed or fail authentication based on characteristics of the account belonging to the user being
authenticated. One use is to select whether to load other modules based on this test.
The module should be given one or more conditions as module arguments, and authentication will succeed only if all of the conditions are
met.
OPTIONS
The following flags are supported:
debug
Turns on debugging messages sent to syslog.
use_uid
Evaluate conditions using the account of the user whose UID the application is running under instead of the user being authenticated.
quiet
Don't log failure or success to the system log.
quiet_fail
Don't log failure to the system log.
quiet_success
Don't log success to the system log.
Conditions are three words: a field, a test, and a value to test for.
Available fields are user, uid, gid, shell, home and service:
field < number
Field has a value numerically less than number.
field <= number
Field has a value numerically less than or equal to number.
field eq number
Field has a value numerically equal to number.
field >= number
Field has a value numerically greater than or equal to number.
field > number
Field has a value numerically greater than number.
field ne number
Field has a value numerically different from number.
field = string
Field exactly matches the given string.
field != string
Field does not match the given string.
field =~ glob
Field matches the given glob.
field !~ glob
Field does not match the given glob.
field in item:item:...
Field is contained in the list of items separated by colons.
field notin item:item:...
Field is not contained in the list of items separated by colons.
user ingroup group
User is in given group.
user notingroup group
User is not in given group.
user innetgr netgroup
(user,host) is in given netgroup.
user notinnetgr group
(user,host) is not in given netgroup.
MODULE TYPES PROVIDED
All module types (account, auth, password and session) are provided.
RETURN VALUES
PAM_SUCCESS
The condition was true.
PAM_AUTH_ERR
The condition was false.
PAM_SERVICE_ERR
A service error occurred or the arguments can't be parsed correctly.
EXAMPLES
To emulate the behaviour of pam_wheel, except there is no fallback to group 0:
auth required pam_succeed_if.so quiet user ingroup wheel
Given that the type matches, only loads the othermodule rule if the UID is over 500. Adjust the number after default to skip several rules.
type [default=1 success=ignore] pam_succeed_if.so quiet uid > 500
type required othermodule.so arguments...
SEE ALSO
glob(7), pam(8)
AUTHOR
Nalin Dahyabhai <nalin@redhat.com>
Linux-PAM 04/01/2010 PAM_SUCCEED_IF(8)